In The News

The New Frontier of App Security

Ryan O’Leary - WhiteHat Security |
December 14, 2017

The speed of business is constantly increasing. To keep up, organizations have started to develop and release new products, websites, and apps at breakneck speeds. This quickened pace has shifted the way web applications are developed.

Development software now needs to seamlessly integrate into other tools, so there are more APIs, and because we want to release apps faster, we’ve moved to a micro-service architecture. These are both fantastic ways to switch the paradigm of development, but there is concern that, as we move quicker, the security of these new innovations doesn’t keep up with the speed at which they are built. The more rapidly companies release code, the faster they release potential vulnerabilities that nefarious threat actors can exploit.

Our industry cannot forget about the security of new applications. Recently, we tested a number of “API first” applications and noticed a disturbing pattern. Simple vulnerabilities — ones that should never be present, like being able to view another user’s data by simply using my API key and changing the value in a parameter — are everywhere. These are threats that shouldn’t be on the table.

Cookie Use

We use cookies to store information on your computer that are either essential to make our site work or help us personalize and improve the user experience. By using this site, you consent to the placement of these cookies. To learn more, see our Cookie Policy.